package nuc.edu.cn.controller;

import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
@EnableGlobalMethodSecurity(securedEnabled = true,prePostEnabled = true)
public class HelloController {
//    @PostMapping("/login")
//    public String login(){
//        System.out.println("执行登录方法");
//        return "redirect:main.html";
//    }
    @RequestMapping ("/toMain")
//    @Secured("ROLE_abc")
    //PreAuthorize表达式中可以以ROLE_开头，但配置类不允许
    @PreAuthorize("hasRole('ROLE_abc')")
    public String main(){
        System.out.println("执行登录方法");
        return "redirect:main.html";
    }
    @RequestMapping ("/toError")
    public String toerror(){
        System.out.println("登录失败方法");
        return "redirect:error.html";
    }
    @RequestMapping("/Demo")
    @ResponseBody
    public String demo(){
        return "demo";
    }
}
